Currently,there is a growing trend among users to store their data in the cloud.However,the cloud is vulnerable to persistent data corruption risks arising from equipment failures and hacker attacks.Additionally,when ...Currently,there is a growing trend among users to store their data in the cloud.However,the cloud is vulnerable to persistent data corruption risks arising from equipment failures and hacker attacks.Additionally,when users perform file operations,the semantic integrity of the data can be compromised.Ensuring both data integrity and semantic correctness has become a critical issue that requires attention.We introduce a pioneering solution called Sec-Auditor,the first of its kind with the ability to verify data integrity and semantic correctness simultaneously,while maintaining a constant communication cost independent of the audited data volume.Sec-Auditor also supports public auditing,enabling anyone with access to public information to conduct data audits.This feature makes Sec-Auditor highly adaptable to open data environments,such as the cloud.In Sec-Auditor,users are assigned specific rules that are utilized to verify the accuracy of data semantic.Furthermore,users are given the flexibility to update their own rules as needed.We conduct in-depth analyses of the correctness and security of Sec-Auditor.We also compare several important security attributes with existing schemes,demonstrating the superior properties of Sec-Auditor.Evaluation results demonstrate that even for time-consuming file upload operations,our solution is more efficient than the comparison one.展开更多
With the intelligentization of the Internet of Vehicles(lovs),Artificial Intelligence(Al)technology is becoming more and more essential,especially deep learning.Federated Deep Learning(FDL)is a novel distributed machi...With the intelligentization of the Internet of Vehicles(lovs),Artificial Intelligence(Al)technology is becoming more and more essential,especially deep learning.Federated Deep Learning(FDL)is a novel distributed machine learning technology and is able to address the challenges like data security,privacy risks,and huge communication overheads from big raw data sets.However,FDL can only guarantee data security and privacy among multiple clients during data training.If the data sets stored locally in clients are corrupted,including being tampered with and lost,the training results of the FDL in intelligent IoVs must be negatively affected.In this paper,we are the first to design a secure data auditing protocol to guarantee the integrity and availability of data sets in FDL-empowered IoVs.Specifically,the cuckoo filter and Reed-Solomon codes are utilized to guarantee error tolerance,including efficient corrupted data locating and recovery.In addition,a novel data structure,Skip Hash Table(SHT)is designed to optimize data dynamics.Finally,we illustrate the security of the scheme with the Computational Diffie-Hellman(CDH)assumption on bilinear groups.Sufficient theoretical analyses and performance evaluations demonstrate the security and efficiency of our scheme for data sets in FDL-empowered IoVs.展开更多
Federated learning is an important distributed model training technique in Internet of Things(IoT),in which participant selection is a key component that plays a role in improving training efficiency and model accurac...Federated learning is an important distributed model training technique in Internet of Things(IoT),in which participant selection is a key component that plays a role in improving training efficiency and model accuracy.This module enables a central server to select a subset of participants to performmodel training based on data and device information.By doing so,selected participants are rewarded and actively perform model training,while participants that are detrimental to training efficiency and model accuracy are excluded.However,in practice,participants may suspect that the central server may have miscalculated and thus not made the selection honestly.This lack of trustworthiness problem,which can demotivate participants,has received little attention.Another problem that has received little attention is the leakage of participants’private information during the selection process.We will therefore propose a federated learning framework with auditable participant selection.It supports smart contracts in selecting a set of suitable participants based on their training loss without compromising the privacy.Considering the possibility of malicious campaigning and impersonation of participants,the framework employs commitment schemes and zero-knowledge proofs to counteract these malicious behaviors.Finally,we analyze the security of the framework and conduct a series of experiments to demonstrate that the framework can effectively improve the efficiency of federated learning.展开更多
This paper aims to investigate the effect of the characteristics of the internal audit function(IAF)on earnings management(EM)for a sample of 27 Tunisian listed companies.The authors employed the Correlated Panels Cor...This paper aims to investigate the effect of the characteristics of the internal audit function(IAF)on earnings management(EM)for a sample of 27 Tunisian listed companies.The authors employed the Correlated Panels Corrected Standard Errors model to estimate the regression equation.The results showed that EM is negatively associated with internal audit effectiveness,frequency of audit committee meetings with Chief Audit Executives(CAEs),the partial outsourcing of internal audit,and the firm’s size.Moreover,the authors found a positive relationship between EM and the use of IAF as a training ground for management and the private sector.This study is important to academics,regulators,and policymakers in introducing new governance reforms to strengthen the IAF as an important internal governance mechanism to reduce earnings management practices in emerging countries.The results also provide useful information for investors to examine the effect of internal audit characteristics on earnings management.展开更多
The aim of this study is to examine the qualities that auditors engaged in detecting potential fraud within multinational corporations in Sub-Saharan Africa should possess.To achieve this goal,a quantitative approach ...The aim of this study is to examine the qualities that auditors engaged in detecting potential fraud within multinational corporations in Sub-Saharan Africa should possess.To achieve this goal,a quantitative approach was used to develop and test a research model based on three theories:agency theory,attribution theory,and cognitive dissonance theory.Responses from a panel of two hundred and nine(209)auditors who conducted a legal audit mission in a Sub-Saharan multinational were analyzed using SmartPLS 3.3.3 software.The results emphasize the crucial importance of auditors’competence and continuous training in fraud detection.However,professional skepticism and time pressure were found to be non-significant in this context.This conclusion provides essential insights for auditors,highlighting the key qualities needed to effectively address fraud detection within multinational corporations in Sub-Saharan Africa.展开更多
This paper focuses on the innovation of audit business management in the information technology era.In the wave of digitalization,audit companies need to adjust their management mode to take advantage of the advantage...This paper focuses on the innovation of audit business management in the information technology era.In the wave of digitalization,audit companies need to adjust their management mode to take advantage of the advantages of informatization.The key is to use digital tools to strengthen data analysis and reshape the audit process.This not only improves efficiency and accuracy but also improves the overall audit quality.The article also highlights the importance of developing a culture of continued auditor learning and skills development to ensure competitiveness in the digital age.At the end of the paper,the success of audit companies depends on innovation ability and the importance of combining management mode with technological innovation.展开更多
As China strives towards the second centenary goal,increasing attention is being paid to environmental pollution and other related issues.Concurrently,with the rapid development of big data technology,many big data so...As China strives towards the second centenary goal,increasing attention is being paid to environmental pollution and other related issues.Concurrently,with the rapid development of big data technology,many big data solutions have been applied to environmental pollution control audits,exerting a significant impact.This paper presents the current situation of environmental pollution audits,summarizing the application of big data from the perspectives of both domestic and international research.In terms of data collection and data analysis for environmental pollution audits,cloud platform technology,and visualization technology are selected based on multiple data sources.The impact in the field of environmental pollution control audits is further analyzed.It is found that the environmental pollution audit cloud platform is not yet perfect,the technical skills of audit personnel are insufficient,and some technologies are not mature.Relevant suggestions are put forward to provide a reference for the future development of big data technology and its integration with environmental pollution control audits.展开更多
This study focused on a multi-indicator assessment methodology for governmental environmental auditing of water protection programs. The environmental status of Wuli Lake in China was assessed using the global indicat...This study focused on a multi-indicator assessment methodology for governmental environmental auditing of water protection programs. The environmental status of Wuli Lake in China was assessed using the global indicators (driver-status-response) developed by the Commission on Sustainable Development, and four additional indicators proposed by the author: water quality, pollution load, aquatic ecosystem status, and lake sediment deposition. Various hydrological, chemical, biological and environmental parameters were used to estimate the values of the indicators for assessment of environmental status of the lake based on time series data sets for twenty years. The indicators proposed can be customized to meeting the needs for particular assessment of water protection programs. This method can be used to evaluate the performance of national environmental protection programs and provide technical support for environmental auditors.展开更多
Perfecting the natural resource system and auditing natural resource assets are requirements in protecting natural resources and developing an ecological civilization in practice.While the natural resource asset audit...Perfecting the natural resource system and auditing natural resource assets are requirements in protecting natural resources and developing an ecological civilization in practice.While the natural resource asset audit both confirms and quantifies natural resources,the nature of such resources makes it difficult to identify their ownership.Further,these resources'diversity creates complex measurement standards and activities,all of which require relevant institutional guarantees.However,the existing audit system for natural resource assets includes insufficient stock,incremental difficulties,and poor guidance,which cannot meet the requirements for environmental governance and an ecological civilization.Thus,it is necessary to define natural resource assets’rights and measurement systems and responsibility regulations,among others;construct an auditing participation system,technical regulations,and evaluation criterion for natural resource assets;amend the Audit Law in a timely manner;and enact natural resource asset legislation.Ultimately,such efforts would eliminate the bottleneck in the natural resource asset auditing system and facilitate the construction of a resource-saving,environmentally friendly society.展开更多
The security of cloud data has always been a concern.Cloud server provider may maliciously tamper or delete user’s data for their own benefit,so data integrity audit is of great significance to verify whether data is...The security of cloud data has always been a concern.Cloud server provider may maliciously tamper or delete user’s data for their own benefit,so data integrity audit is of great significance to verify whether data is modified or not.Based on the general three-party audit architecture,a dynamic auditing scheme without bilinear pairings is proposed in this paper.It utilizes exponential operation instead of bilinear mapping to verify the validity of evidence.By establishing the mapping relation between logic index and tag index of data block with index transformation table,our scheme can easily support dynamic data operation.By hiding random numbers in the integrity evidence,our scheme can protect users’privacy information.Detailed security analysis shows that our scheme is secure against attacks such as forgery,replaying and substitution.Further experiments demonstrate that our scheme has lower computational overhead.展开更多
In this work, a survey is used to investigate the current energy performance for Faculty of Applied Medical Sciences (previously Faculty of Engineering) at Taibah University in Medina city. The results of the survey s...In this work, a survey is used to investigate the current energy performance for Faculty of Applied Medical Sciences (previously Faculty of Engineering) at Taibah University in Medina city. The results of the survey show that several factors affect the energy performance in this building. It revealed that the building has been poorly designed from the point of view of thermal performance. Therefore, the building energy consumption needs to be monitored and maintained through energy auditing program. To determine the energy profile, the power consumption was calculated;the cooling load was estimated and analyzed to know the actual capacity required. The level of comfort in the building has been evaluated. Against the installed air conditioning capacity of 200-ton refrigeration, the cooling load calculations showed that the maximum cooling load needed, which is in August is only 83.22-ton refrigeration. In addition, illumination levels were measured and compared to the standard levels. Based on obtained results, two solutions were proposed: to install a building management system with approximate cost of 337,904 SR and to replace the existing chiller. Finally, the payback period for the proposed system has been estimated and found to be about 5.4 years.展开更多
Big Data and Data Analytics affect almost all aspects of modern organisations’decision-making and business strategies.Big Data and Data Analytics create opportunities,challenges,and implications for the external audi...Big Data and Data Analytics affect almost all aspects of modern organisations’decision-making and business strategies.Big Data and Data Analytics create opportunities,challenges,and implications for the external auditing procedure.The purpose of this article is to reveal essential aspects of the impact of Big Data and Data Analytics on external auditing.It seems that Big Data Analytics is a critical tool for organisations,as well as auditors,that contributes to the enhancement of the auditing process.Also,legislative implications must be taken under consideration,since existing standards may need to change.Last,auditors need to develop new skills and competence,and educational organisations need to change their educational programs in order to be able to correspond to new market needs.展开更多
A GIS audit framework is necessary considering the diverse nature of GIS with regard to components, applications and industry. In practice, checklists are generated during the audit process based on specific objective...A GIS audit framework is necessary considering the diverse nature of GIS with regard to components, applications and industry. In practice, checklists are generated during the audit process based on specific objectives. There is no standardized list of items that can be used as a reference. The purpose of this study was to develop a GIS audit framework as a foundation for GIS audits. The framework provides that comprehensive approach to various GIS aspects during the audit process. The design builds on a developed conceptual framework where most significant categories of GIS audit parameters namely data quality, software utilization, GIS competency and procedures (work flows) were identified. The study adopted a reductive model approach to simplify the complexity associated with each category of GIS audit parameter. The resultant audit elements for each category are organized in a matrix that forms an integral part of the framework. The columns comprise audit goal, audit questions and audit subjects as indicators which are qualitatively measured. The rows comprise the parameters (data quality, software utilization, personnel competency and procedure (workflows)). To use the framework, an auditor only needs to create an audit checklist that consists of particular parameters and indicators from the framework depending on audit objective. As part of an on-going research, the next step will involve validating the framework through a mock testing process.展开更多
The possibilities for improving energy efficiency in ready-made composite garment factories in Bangladesh are assessed in this study. This work aims to understand the impacts of energy consumption on garment productio...The possibilities for improving energy efficiency in ready-made composite garment factories in Bangladesh are assessed in this study. This work aims to understand the impacts of energy consumption on garment production and determine the scope of energy efficiency improvement based on energy-related data collected from a garment factory over a three-year period (2018-2020). Data from 2018 is used as the baseline and is compared to data from 2019 and 2020. It has been discovered that energy consumption has a seasonal impact. Despite the fact that electricity consumption decreased significantly during the 2020 pandemic, the energy consumption pattern in 2020 was found to be similar to that of 2018 and 2019. To improve energy efficiency, recommendations are made to modify the boiler, water pumps, gas generators, electrical motors, and lighting systems in specific ways. These suggested actions could save BDT 95 million (1.15 million US dollars) on power generation and BDT 20.5 million (0.25 million US dollars) on natural gas used for power and heat generation. These would result in a 3.75 percent reduction in the unit (kWh/kg) production energy requirement and a 3.65 percent reduction in natural gas usage per unit production, respectively, when compared to current conditions. Furthermore, these changes will provide an opportunity to reduce greenhouse gas emissions by 9.78%.展开更多
With the rapid advancement of cloud computing,cloud storage services have developed rapidly.One issue that has attracted particular attention in such remote storage services is that cloud storage servers are not enoug...With the rapid advancement of cloud computing,cloud storage services have developed rapidly.One issue that has attracted particular attention in such remote storage services is that cloud storage servers are not enough to reliably save and maintain data,which greatly affects users’confidence in purchasing and consuming cloud storage services.Traditional data integrity auditing techniques for cloud data storage are centralized,which faces huge security risks due to single-point-of-failure and vulnerabilities of central auditing servers.Blockchain technology offers a new approach to this problem.Many researchers have endeavored to employ the blockchain for data integrity auditing.Based on the search of relevant papers,we found that existing literature lacks a thorough survey of blockchain-based integrity auditing for cloud data.In this paper,we make an in-depth survey on cloud data integrity auditing based on blockchain.Firstly,we cover essential basic knowledge of integrity auditing for cloud data and blockchain techniques.Then,we propose a series of requirements for evaluating existing Blockchain-based Data Integrity Auditing(BDIA)schemes.Furthermore,we provide a comprehensive review of existing BDIA schemes and evaluate them based on our proposed criteria.Finally,according to our completed review and analysis,we explore some open issues and suggest research directions worthy of further efforts in the future.展开更多
The user control over the life cycle of data is of an extreme importance in clouds in order to determine whether the service provider adheres to the client’s pre-specified needs in the contract between them or n...The user control over the life cycle of data is of an extreme importance in clouds in order to determine whether the service provider adheres to the client’s pre-specified needs in the contract between them or not, significant clients concerns raise on some aspects like social, location and the laws to which the data are subject to. The problem is even magnified more with the lack of transparency by Cloud Service Providers (CSPs). Auditing and compliance enforcement introduce different set of challenges in cloud computing that are not yet resolved. In this paper, a conducted questionnaire showed that the data owners have real concerns about not just the secrecy and integrity of their data in cloud environment, but also for spatial, temporal, and legal issues related to their data especially for sensitive or personal data. The questionnaire results show the importance for the data owners to address mainly three major issues: Their ability to continue the work, the secrecy and integrity of their data, and the spatial, legal, temporal constraints related to their data. Although a good volume of work was dedicated for auditing in the literature, only little work was dedicated to the fulfillment of the contractual obligations of the CSPs. The paper contributes to knowledge by proposing an extension to the auditing models to include the fulfillment of contractual obligations aspects beside the important aspects of secrecy and integrity of client’s data.展开更多
Identity-based public cloud storage auditing schemes can check the integrity of cloud data, and reduce the complicated certificate management. In such a scheme, one Private Key Generator(PKG) is employed to authentica...Identity-based public cloud storage auditing schemes can check the integrity of cloud data, and reduce the complicated certificate management. In such a scheme, one Private Key Generator(PKG) is employed to authenticate the identity and generate private keys for all users, and one Third Party Auditor(TPA) is employed to by users to check the integrity of cloud data. This approach is undesirable for large-scale users since the PKG and the TPA might not be able to afford the heavy workload. To solve the problem, we give a hierarchical Private Key Generator structure for large-scale user groups, in which a root PKG delegates lower-level PKGs to generate private keys and authenticate identities. Based on the proposed structure, we propose an authorized identity-based public cloud storage auditing scheme, in which the lowest-level PKGs play the role of TPA, and only the authorized lowest-level PKGs can represent users in their domains to check cloud data's integrity. Furthermore, we give the formal security analysis and experimental results, which show that our proposed scheme is secure and efficient.展开更多
基金This research was supported by the Qinghai Provincial High-End Innovative and Entrepreneurial Talents Project.
文摘Currently,there is a growing trend among users to store their data in the cloud.However,the cloud is vulnerable to persistent data corruption risks arising from equipment failures and hacker attacks.Additionally,when users perform file operations,the semantic integrity of the data can be compromised.Ensuring both data integrity and semantic correctness has become a critical issue that requires attention.We introduce a pioneering solution called Sec-Auditor,the first of its kind with the ability to verify data integrity and semantic correctness simultaneously,while maintaining a constant communication cost independent of the audited data volume.Sec-Auditor also supports public auditing,enabling anyone with access to public information to conduct data audits.This feature makes Sec-Auditor highly adaptable to open data environments,such as the cloud.In Sec-Auditor,users are assigned specific rules that are utilized to verify the accuracy of data semantic.Furthermore,users are given the flexibility to update their own rules as needed.We conduct in-depth analyses of the correctness and security of Sec-Auditor.We also compare several important security attributes with existing schemes,demonstrating the superior properties of Sec-Auditor.Evaluation results demonstrate that even for time-consuming file upload operations,our solution is more efficient than the comparison one.
基金supported by the National Natural Science Foundation of China under Grants No.U1836115,No.61922045,No.61877034,No.61772280the Natural Science Foundation of Jiangsu Province under Grant No.BK20181408+2 种基金the Peng Cheng Laboratory Project of Guangdong Province PCL2018KP004the CICAEET fundthe PAPD fund.
文摘With the intelligentization of the Internet of Vehicles(lovs),Artificial Intelligence(Al)technology is becoming more and more essential,especially deep learning.Federated Deep Learning(FDL)is a novel distributed machine learning technology and is able to address the challenges like data security,privacy risks,and huge communication overheads from big raw data sets.However,FDL can only guarantee data security and privacy among multiple clients during data training.If the data sets stored locally in clients are corrupted,including being tampered with and lost,the training results of the FDL in intelligent IoVs must be negatively affected.In this paper,we are the first to design a secure data auditing protocol to guarantee the integrity and availability of data sets in FDL-empowered IoVs.Specifically,the cuckoo filter and Reed-Solomon codes are utilized to guarantee error tolerance,including efficient corrupted data locating and recovery.In addition,a novel data structure,Skip Hash Table(SHT)is designed to optimize data dynamics.Finally,we illustrate the security of the scheme with the Computational Diffie-Hellman(CDH)assumption on bilinear groups.Sufficient theoretical analyses and performance evaluations demonstrate the security and efficiency of our scheme for data sets in FDL-empowered IoVs.
基金supported by the Key-Area Research and Development Program of Guangdong Province under Grant No.2020B0101090004the National Natural Science Foundation of China under Grant No.62072215,the Guangzhou Basic Research Plan City-School Joint Funding Project under Grant No.2024A03J0405+1 种基金the Guangzhou Basic and Applied Basic Research Foundation under Grant No.2024A04J3458the State Archives Administration Science and Technology Program Plan of China under Grant 2023-X-028.
文摘Federated learning is an important distributed model training technique in Internet of Things(IoT),in which participant selection is a key component that plays a role in improving training efficiency and model accuracy.This module enables a central server to select a subset of participants to performmodel training based on data and device information.By doing so,selected participants are rewarded and actively perform model training,while participants that are detrimental to training efficiency and model accuracy are excluded.However,in practice,participants may suspect that the central server may have miscalculated and thus not made the selection honestly.This lack of trustworthiness problem,which can demotivate participants,has received little attention.Another problem that has received little attention is the leakage of participants’private information during the selection process.We will therefore propose a federated learning framework with auditable participant selection.It supports smart contracts in selecting a set of suitable participants based on their training loss without compromising the privacy.Considering the possibility of malicious campaigning and impersonation of participants,the framework employs commitment schemes and zero-knowledge proofs to counteract these malicious behaviors.Finally,we analyze the security of the framework and conduct a series of experiments to demonstrate that the framework can effectively improve the efficiency of federated learning.
文摘This paper aims to investigate the effect of the characteristics of the internal audit function(IAF)on earnings management(EM)for a sample of 27 Tunisian listed companies.The authors employed the Correlated Panels Corrected Standard Errors model to estimate the regression equation.The results showed that EM is negatively associated with internal audit effectiveness,frequency of audit committee meetings with Chief Audit Executives(CAEs),the partial outsourcing of internal audit,and the firm’s size.Moreover,the authors found a positive relationship between EM and the use of IAF as a training ground for management and the private sector.This study is important to academics,regulators,and policymakers in introducing new governance reforms to strengthen the IAF as an important internal governance mechanism to reduce earnings management practices in emerging countries.The results also provide useful information for investors to examine the effect of internal audit characteristics on earnings management.
文摘The aim of this study is to examine the qualities that auditors engaged in detecting potential fraud within multinational corporations in Sub-Saharan Africa should possess.To achieve this goal,a quantitative approach was used to develop and test a research model based on three theories:agency theory,attribution theory,and cognitive dissonance theory.Responses from a panel of two hundred and nine(209)auditors who conducted a legal audit mission in a Sub-Saharan multinational were analyzed using SmartPLS 3.3.3 software.The results emphasize the crucial importance of auditors’competence and continuous training in fraud detection.However,professional skepticism and time pressure were found to be non-significant in this context.This conclusion provides essential insights for auditors,highlighting the key qualities needed to effectively address fraud detection within multinational corporations in Sub-Saharan Africa.
文摘This paper focuses on the innovation of audit business management in the information technology era.In the wave of digitalization,audit companies need to adjust their management mode to take advantage of the advantages of informatization.The key is to use digital tools to strengthen data analysis and reshape the audit process.This not only improves efficiency and accuracy but also improves the overall audit quality.The article also highlights the importance of developing a culture of continued auditor learning and skills development to ensure competitiveness in the digital age.At the end of the paper,the success of audit companies depends on innovation ability and the importance of combining management mode with technological innovation.
文摘As China strives towards the second centenary goal,increasing attention is being paid to environmental pollution and other related issues.Concurrently,with the rapid development of big data technology,many big data solutions have been applied to environmental pollution control audits,exerting a significant impact.This paper presents the current situation of environmental pollution audits,summarizing the application of big data from the perspectives of both domestic and international research.In terms of data collection and data analysis for environmental pollution audits,cloud platform technology,and visualization technology are selected based on multiple data sources.The impact in the field of environmental pollution control audits is further analyzed.It is found that the environmental pollution audit cloud platform is not yet perfect,the technical skills of audit personnel are insufficient,and some technologies are not mature.Relevant suggestions are put forward to provide a reference for the future development of big data technology and its integration with environmental pollution control audits.
基金Project supported by the International Project between The Netherlands Royal Academy of Arts and Sciences and Chinese Academy of Sciences (No. 04CDP014) the National Natural Science Foundation of China (No. 40471130)
文摘This study focused on a multi-indicator assessment methodology for governmental environmental auditing of water protection programs. The environmental status of Wuli Lake in China was assessed using the global indicators (driver-status-response) developed by the Commission on Sustainable Development, and four additional indicators proposed by the author: water quality, pollution load, aquatic ecosystem status, and lake sediment deposition. Various hydrological, chemical, biological and environmental parameters were used to estimate the values of the indicators for assessment of environmental status of the lake based on time series data sets for twenty years. The indicators proposed can be customized to meeting the needs for particular assessment of water protection programs. This method can be used to evaluate the performance of national environmental protection programs and provide technical support for environmental auditors.
基金supported by Chinese National Funding of Social Science[Grant number.18BJY024],Study on the Cooperative Supervision Mechanism of Budget Implementation Based on National Audit.
文摘Perfecting the natural resource system and auditing natural resource assets are requirements in protecting natural resources and developing an ecological civilization in practice.While the natural resource asset audit both confirms and quantifies natural resources,the nature of such resources makes it difficult to identify their ownership.Further,these resources'diversity creates complex measurement standards and activities,all of which require relevant institutional guarantees.However,the existing audit system for natural resource assets includes insufficient stock,incremental difficulties,and poor guidance,which cannot meet the requirements for environmental governance and an ecological civilization.Thus,it is necessary to define natural resource assets’rights and measurement systems and responsibility regulations,among others;construct an auditing participation system,technical regulations,and evaluation criterion for natural resource assets;amend the Audit Law in a timely manner;and enact natural resource asset legislation.Ultimately,such efforts would eliminate the bottleneck in the natural resource asset auditing system and facilitate the construction of a resource-saving,environmentally friendly society.
基金This work is supported by the National Key R&D Program of China(2016YFB0800402)partially supported by the National Natural Science Foundation of China under Grant No.61232004and the Fundamental Research Funds for the Central Universities(2016YXMS020).
文摘The security of cloud data has always been a concern.Cloud server provider may maliciously tamper or delete user’s data for their own benefit,so data integrity audit is of great significance to verify whether data is modified or not.Based on the general three-party audit architecture,a dynamic auditing scheme without bilinear pairings is proposed in this paper.It utilizes exponential operation instead of bilinear mapping to verify the validity of evidence.By establishing the mapping relation between logic index and tag index of data block with index transformation table,our scheme can easily support dynamic data operation.By hiding random numbers in the integrity evidence,our scheme can protect users’privacy information.Detailed security analysis shows that our scheme is secure against attacks such as forgery,replaying and substitution.Further experiments demonstrate that our scheme has lower computational overhead.
文摘In this work, a survey is used to investigate the current energy performance for Faculty of Applied Medical Sciences (previously Faculty of Engineering) at Taibah University in Medina city. The results of the survey show that several factors affect the energy performance in this building. It revealed that the building has been poorly designed from the point of view of thermal performance. Therefore, the building energy consumption needs to be monitored and maintained through energy auditing program. To determine the energy profile, the power consumption was calculated;the cooling load was estimated and analyzed to know the actual capacity required. The level of comfort in the building has been evaluated. Against the installed air conditioning capacity of 200-ton refrigeration, the cooling load calculations showed that the maximum cooling load needed, which is in August is only 83.22-ton refrigeration. In addition, illumination levels were measured and compared to the standard levels. Based on obtained results, two solutions were proposed: to install a building management system with approximate cost of 337,904 SR and to replace the existing chiller. Finally, the payback period for the proposed system has been estimated and found to be about 5.4 years.
文摘Big Data and Data Analytics affect almost all aspects of modern organisations’decision-making and business strategies.Big Data and Data Analytics create opportunities,challenges,and implications for the external auditing procedure.The purpose of this article is to reveal essential aspects of the impact of Big Data and Data Analytics on external auditing.It seems that Big Data Analytics is a critical tool for organisations,as well as auditors,that contributes to the enhancement of the auditing process.Also,legislative implications must be taken under consideration,since existing standards may need to change.Last,auditors need to develop new skills and competence,and educational organisations need to change their educational programs in order to be able to correspond to new market needs.
基金This paper is supported by National Natural Science Foundation of China (NoL70372028), the "Projects 985" and "Projects 211" of Nankai University. It's the authors' responsibility to stand the errors in this paper.
.
文摘A GIS audit framework is necessary considering the diverse nature of GIS with regard to components, applications and industry. In practice, checklists are generated during the audit process based on specific objectives. There is no standardized list of items that can be used as a reference. The purpose of this study was to develop a GIS audit framework as a foundation for GIS audits. The framework provides that comprehensive approach to various GIS aspects during the audit process. The design builds on a developed conceptual framework where most significant categories of GIS audit parameters namely data quality, software utilization, GIS competency and procedures (work flows) were identified. The study adopted a reductive model approach to simplify the complexity associated with each category of GIS audit parameter. The resultant audit elements for each category are organized in a matrix that forms an integral part of the framework. The columns comprise audit goal, audit questions and audit subjects as indicators which are qualitatively measured. The rows comprise the parameters (data quality, software utilization, personnel competency and procedure (workflows)). To use the framework, an auditor only needs to create an audit checklist that consists of particular parameters and indicators from the framework depending on audit objective. As part of an on-going research, the next step will involve validating the framework through a mock testing process.
文摘The possibilities for improving energy efficiency in ready-made composite garment factories in Bangladesh are assessed in this study. This work aims to understand the impacts of energy consumption on garment production and determine the scope of energy efficiency improvement based on energy-related data collected from a garment factory over a three-year period (2018-2020). Data from 2018 is used as the baseline and is compared to data from 2019 and 2020. It has been discovered that energy consumption has a seasonal impact. Despite the fact that electricity consumption decreased significantly during the 2020 pandemic, the energy consumption pattern in 2020 was found to be similar to that of 2018 and 2019. To improve energy efficiency, recommendations are made to modify the boiler, water pumps, gas generators, electrical motors, and lighting systems in specific ways. These suggested actions could save BDT 95 million (1.15 million US dollars) on power generation and BDT 20.5 million (0.25 million US dollars) on natural gas used for power and heat generation. These would result in a 3.75 percent reduction in the unit (kWh/kg) production energy requirement and a 3.65 percent reduction in natural gas usage per unit production, respectively, when compared to current conditions. Furthermore, these changes will provide an opportunity to reduce greenhouse gas emissions by 9.78%.
基金This work was supported in part by the National Natural Science Foundation of China under Grant 62072351in part by the Academy of Finland under Grant 308087,Grant 335262,Grant 345072,and Grant 350464+1 种基金in part by the Open Project of Zhejiang Lab under Grant 2021PD0AB01and in part by the 111 Project under Grant B16037.
文摘With the rapid advancement of cloud computing,cloud storage services have developed rapidly.One issue that has attracted particular attention in such remote storage services is that cloud storage servers are not enough to reliably save and maintain data,which greatly affects users’confidence in purchasing and consuming cloud storage services.Traditional data integrity auditing techniques for cloud data storage are centralized,which faces huge security risks due to single-point-of-failure and vulnerabilities of central auditing servers.Blockchain technology offers a new approach to this problem.Many researchers have endeavored to employ the blockchain for data integrity auditing.Based on the search of relevant papers,we found that existing literature lacks a thorough survey of blockchain-based integrity auditing for cloud data.In this paper,we make an in-depth survey on cloud data integrity auditing based on blockchain.Firstly,we cover essential basic knowledge of integrity auditing for cloud data and blockchain techniques.Then,we propose a series of requirements for evaluating existing Blockchain-based Data Integrity Auditing(BDIA)schemes.Furthermore,we provide a comprehensive review of existing BDIA schemes and evaluate them based on our proposed criteria.Finally,according to our completed review and analysis,we explore some open issues and suggest research directions worthy of further efforts in the future.
文摘The user control over the life cycle of data is of an extreme importance in clouds in order to determine whether the service provider adheres to the client’s pre-specified needs in the contract between them or not, significant clients concerns raise on some aspects like social, location and the laws to which the data are subject to. The problem is even magnified more with the lack of transparency by Cloud Service Providers (CSPs). Auditing and compliance enforcement introduce different set of challenges in cloud computing that are not yet resolved. In this paper, a conducted questionnaire showed that the data owners have real concerns about not just the secrecy and integrity of their data in cloud environment, but also for spatial, temporal, and legal issues related to their data especially for sensitive or personal data. The questionnaire results show the importance for the data owners to address mainly three major issues: Their ability to continue the work, the secrecy and integrity of their data, and the spatial, legal, temporal constraints related to their data. Although a good volume of work was dedicated for auditing in the literature, only little work was dedicated to the fulfillment of the contractual obligations of the CSPs. The paper contributes to knowledge by proposing an extension to the auditing models to include the fulfillment of contractual obligations aspects beside the important aspects of secrecy and integrity of client’s data.
基金supported by National Natural Science Foundation of China (No. 61572267, No. 61272425, No. 61402245)the Open Project of Co-Innovation Center for Information Supply & Assurance Technology, Anhui University+1 种基金the Open Project of the State Key Laboratory of Information Security,Institute of Information Engineering,Chinese Academy of Sciences(No.2017-MS-21, No.2016-MS-23)National Cryptography Development Fund of China (MMJJ20170118)
文摘Identity-based public cloud storage auditing schemes can check the integrity of cloud data, and reduce the complicated certificate management. In such a scheme, one Private Key Generator(PKG) is employed to authenticate the identity and generate private keys for all users, and one Third Party Auditor(TPA) is employed to by users to check the integrity of cloud data. This approach is undesirable for large-scale users since the PKG and the TPA might not be able to afford the heavy workload. To solve the problem, we give a hierarchical Private Key Generator structure for large-scale user groups, in which a root PKG delegates lower-level PKGs to generate private keys and authenticate identities. Based on the proposed structure, we propose an authorized identity-based public cloud storage auditing scheme, in which the lowest-level PKGs play the role of TPA, and only the authorized lowest-level PKGs can represent users in their domains to check cloud data's integrity. Furthermore, we give the formal security analysis and experimental results, which show that our proposed scheme is secure and efficient.